-#!/usr/bin/python
-#
# Copyright (C) 2014 Ipsilon project Contributors, for licensee see COPYING
from __future__ import absolute_import
from ipsilon.providers.common import ProviderBase
-from ipsilon.providers.common import FACILITY
+from ipsilon.providers.openid.store import OpenIDStore
from ipsilon.providers.openid.auth import OpenID
from ipsilon.providers.openid.extensions.common import LoadExtensions
from ipsilon.util.plugin import PluginObject
+from ipsilon.util import config as pconfig
from ipsilon.info.common import InfoMapping
from openid.server.server import Server
-# TODO: Move this to the database
-from openid.store.memstore import MemoryStore
class IdpProvider(ProviderBase):
- def __init__(self):
- super(IdpProvider, self).__init__('openid', 'openid')
+ def __init__(self, *pargs):
+ super(IdpProvider, self).__init__('openid', 'openid', *pargs)
self.mapping = InfoMapping()
self.page = None
self.server = None
self.basepath = None
- self.extensions = None
+ self.extensions = LoadExtensions()
self.description = """
Provides OpenID 2.0 authentication infrastructure. """
- self._options = {
- 'default email domain': [
- """Default email domain, for users missing email property.""",
- 'string',
- 'example.com'
- ],
- 'endpoint url': [
- """The Absolute URL of the OpenID provider""",
- 'string',
- 'http://localhost:8080/idp/openid/'
- ],
- 'identity url template': [
- """The templated URL where identities are exposed.""",
- 'string',
- 'http://localhost:8080/idp/openid/id/%(username)s'
- ],
- 'trusted roots': [
- """List of trusted relying parties.""",
- 'list',
- []
- ],
- 'untrusted roots': [
- """List of untrusted relying parties.""",
- 'list',
- []
- ],
- 'enabled extensions': [
- """List of enabled extensions""",
- 'list',
- []
- ],
- }
+ self.new_config(
+ self.name,
+ pconfig.String(
+ 'database url',
+ 'Database URL for OpenID temp storage',
+ 'openid.sqlite'),
+ pconfig.String(
+ 'default email domain',
+ 'Used for users missing the email property.',
+ 'example.com'),
+ pconfig.String(
+ 'endpoint url',
+ 'The Absolute URL of the OpenID provider',
+ 'http://localhost:8080/idp/openid/'),
+ pconfig.Template(
+ 'identity url template',
+ 'The templated URL where identities are exposed.',
+ 'http://localhost:8080/idp/openid/id/%(username)s'),
+ pconfig.List(
+ 'trusted roots',
+ 'List of trusted relying parties.'),
+ pconfig.List(
+ 'untrusted roots',
+ 'List of untrusted relying parties.'),
+ pconfig.Choice(
+ 'enabled extensions',
+ 'Choose the extensions to enable',
+ self.extensions.available().keys()),
+ )
@property
def endpoint_url(self):
self.page = OpenID(site, self)
# self.admin = AdminPage(site, self)
+ return self.page
+
+ def init_idp(self):
+ self.server = Server(
+ OpenIDStore(self.get_config_value('database url')),
+ op_endpoint=self.endpoint_url)
+
# Expose OpenID presence in the root
- headers = site[FACILITY]['root'].default_headers
+ headers = self._root.default_headers
headers['X-XRDS-Location'] = self.endpoint_url+'XRDS'
- html_heads = site[FACILITY]['root'].html_heads
+ html_heads = self._root.html_heads
HEAD_LINK = '<link rel="%s" href="%s">'
openid_heads = [HEAD_LINK % ('openid2.provider', self.endpoint_url),
HEAD_LINK % ('openid.server', self.endpoint_url)]
html_heads['openid'] = openid_heads
- return self.page
-
- def init_idp(self):
- self.server = Server(MemoryStore(), op_endpoint=self.endpoint_url)
- loader = LoadExtensions(self.enabled_extensions)
- self.extensions = loader.get_extensions()
-
def on_enable(self):
+ super(IdpProvider, self).on_enable()
self.init_idp()
+ self.extensions.enable(self._config['enabled extensions'].get_value())
class Installer(object):
- def __init__(self):
+ def __init__(self, *pargs):
self.name = 'openid'
self.ptype = 'provider'
+ self.pargs = pargs
def install_args(self, group):
group.add_argument('--openid', choices=['yes', 'no'], default='yes',
proto, opts['hostname'], opts['instance'])
# Add configuration data to database
- po = PluginObject()
+ po = PluginObject(*self.pargs)
po.name = 'openid'
po.wipe_data()
-
- po.wipe_config_values(FACILITY)
+ po.wipe_config_values()
config = {'endpoint url': url,
- 'identity_url_template': '%sid/%%(username)s' % url,
- 'enabled': '1'}
- po.save_plugin_config(FACILITY, config)
+ 'identity_url_template': '%sid/%%(username)s' % url}
+ po.save_plugin_config(config)
+
+ # Update global config to add login plugin
+ po.is_enabled = True
+ po.save_enabled_state()
projects / cascardo / ipsilon.git / blobdiff